Friday, August 11, 2017

No hack of DNC on 7/5/16 by Russia or anyone else per publicly available forensic evidence. DNC documents were downloaded at 6:45pm on 7/5/16 using portable storage device in US Eastern Daylight time zone. Transfer speed also precludes possibility of hack. For NSA, DOJ, FBI, and CIA to remain silent about these findings now is close to duplicity-Patrick Lawrence, The Nation, via Consortium News

In retaliation, Moscow has announced that the United States must cut
its embassy staff by roughly two-thirds. All sides agree that relations
between the United States and Russia are now as fragile as they were
during some of the Cold War’s worst moments. To suggest that military
conflict between two nuclear powers inches ever closer can no longer be
dismissed as hyperbole.

All this was set in motion when the DNC’s mail server was first
violated in the spring of 2016 and by subsequent assertions that
Russians were behind that “hack” and another such operation, also
described as a Russian hack, on July 5. These are the foundation stones
of the edifice just outlined.

The evolution of public discourse in the year sinceis worthy of
scholarly study: Possibilities became allegations, and these became
probabilities.Then the probabilities turned into certainties, and these
evolved into what are now taken to be established truths. By my
reckoning, it required a few days to a few weeks to advance from each of
these stages to the next.

Lost in a year that often appeared to veer into our peculiarly
American kind of hysteria is the absence of any credible evidence of
what happened last year and who was responsible for it. It is tiresome
to note, but none has been made available. Instead, we are urged to
accept the word of institutions and senior officials with long records
of deception. These officials profess “high confidence” in their
“assessment” as to what happened in the spring and summer of last year-this standing as their authoritative judgment.

Few have noticed since these evasive terms first appeared that an
assessment is an opinion, nothing more, and to express high confidence
is an upside-down way of admitting the absence of certain knowledge.
This is how officials avoid putting their names on the assertions we are
so strongly urged to accept-as the record shows many of them have
done.

We come now to a moment of great gravity.

There has been a long effort to counter the official narrative we now
call “Russiagate.” This effort has so far focused on the key events
noted above, leaving numerous others still to be addressed.

Until
recently, researchers undertaking this work faced critical shortcomings,
and these are to be explained. But they have achieved significant new
momentum in the past several weeks, and what they have done now yields
very consequential fruit.

There was no hack of the Democratic National Committee’s system on July 5 last year--not by the Russians, not by anyone else. Hard science now demonstrates it was a leak--a download executed
locally with a memory key or a similarly portable data-storage device.
In short, it was an inside job by someone with access to the DNC’s
system. This casts serious doubt on the initial “hack,” as alleged, that
led to the very consequential publication of a large store of documents
on WikiLeaks last summer.

This article is based on an examination of the documents these
forensic experts and intelligence analysts have produced, notably the
key papers written over the past several weeks, as well as detailed
interviews with many of those conducting investigations and now drawing
conclusions from them. Before proceeding into this material, several
points bear noting.

One, there are many other allegations implicating Russians in the
2016 political process. The work I will now report upon does not purport
to prove or disprove any of them. Who delivered documents to WikiLeaks?
Who was responsible for the “phishing” operation penetrating John
Podesta’s e-mail in March 2016?

We do not know the answers to such questions. It is entirely
possible, indeed, that the answers we deserve and must demand could turn
out to be multiple: One thing happened in one case, another thing in
another. The new work done on the mid-June and July 5 events bears upon
all else in only one respect. We are now on notice: Given that we now stand face to face with very considerable cases of duplicity, it is
imperative that all official accounts of these many events be subject to
rigorously skeptical questioning.Do we even know that John Podesta’s
e-mail was in fact “phished”? What evidence of this has been produced? Such rock-bottom questions as these must now be posed in all other
cases.

Two, houses built on sand and made of cards are bound to collapse,
and there can be no surprise that the one resting atop the “hack theory,”as we can call the prevailing wisdom on the DNC events, appears
to be in the process of doing so.

Neither is there anything far-fetched in a reversal of the truth of
this magnitude. American history is replete with similar cases. The
Spanish sank the Maine in Havana harbor in February 1898.

Iran’s Mossadegh was a Communist. Guatemala’s Árbenz represented a
Communist threat to the United States. Vietnam’s Ho Chi Minh was a
Soviet puppet. The Sandinistas were Communists.

Qualified experts working independently of one another began to
examine the DNC case immediately after the July 2016 events.

Prominent
among these is a group comprising former intelligence officers, almost
all of whom previously occupied senior positions.

Veteran Intelligence
Professionals for Sanity (VIPS), founded in 2003, now has 30 members,
including a few associates with backgrounds in national-security fields
other than intelligence. The chief researchers active on the DNC case
are four: William Binney, formerly the NSA’s technical director for
world geopolitical and military analysis and designer of many agency
programs now in use; Kirk Wiebe, formerly a senior analyst at the NSA’s
SIGINT Automation Research Center; Edward Loomis, formerly technical
director in the NSA’s Office of Signal Processing; and Ray McGovern, an
intelligence analyst for nearly three decades and formerly chief of the
CIA’s Soviet Foreign Policy Branch. Most of these men have decades of
experience in matters concerning Russian intelligence and the related
technologies. This article reflects numerous interviews with all of them
conducted in person, via Skype, or by telephone.

The customary VIPS format is an open letter, typically addressed to
the President. The group has written three such letters on the DNC
incident, all of which were first published by Robert Parry at www.consortiumnews.com. Here is the latest, dated July 24; it blueprints the forensic work this
article explores in detail. They have all argued that the hack theory is
wrong and that a locally executed leak is the far more likely
explanation.

In a letter to Barack Obama dated January 17, three days before he
left office, the group explained that the NSA’s known programs are fully
capable of capturing all electronic transfers of data. “We strongly
suggest that you ask NSA for any evidence it may have indicating that
the results of Russian hacking were given to WikiLeaks,” the letter
said. “If NSA cannot produce such evidence--and quickly--this would
probably mean it does not have any.”

The day after Parry published this letter, Obama gave his last press
conference as President, at which he delivered one of the great gemsamong the official statements on the DNC e-mail question. “The
conclusions of the intelligence community with respect to the Russian
hacking,” the legacy-minded Obama said, “were not conclusive.”There is
little to suggest the VIPS letter prompted this remark, but it is
typical of the linguistic tap-dancing many officials connected to the
case have indulged so as to avoid putting their names on the hack theory
and all that derives from it.

Cyber-Evidence

Until recently there was a serious hindrance to the VIPS’s work, and I
have just suggested it. The group lacked access to positive data. It
had no lump of cyber-material to place on its lab table and analyze,
because no official agency had provided any.Donald Rumsfeld famously argued with regard to the WMD question in
Iraq, “The absence of evidence is not evidence of absence.” In essence,
Binney and others at VIPS say this logic turns upside down in the DNC
case: Based on the knowledge of former officials such as Binney, the
group knew that (1) if there was a hack and (2) if Russia was
responsible for it, the NSA would have to have evidence of both. Binney
and others surmised that the agency and associated institutions were
hiding the absence of evidence behind the claim that they had to
maintain secrecy to protect NSA programs.

“Everything that they say must remain classified is already
well-known,” Binney said in an interview. “They’re playing the Wizard of
Oz game.”

New findings indicate this is perfectly true, but until recently the
VIPS experts could produce only “negative evidence,” as they put it: The
absence of evidence supporting the hack theory demonstrates that it
cannot be so. That is all VIPS had. They could allege and assert, but
they could not conclude: They were stuck demanding evidence they did not
have — if only to prove there was none.

Research into the DNC case took a fateful turn in early July, when
forensic investigators who had been working independently began to share
findings and form loose collaborations wherein each could build on the
work of others. In this a small, new website calledwww.disobedientmedia.com
proved an important catalyst.Two independent researchers selected it,
Snowden-like, as the medium through which to disclose their findings.

One of these is known as Forensicator and the other as Adam Carter. On July 9, Adam Carter sent Elizabeth Vos, a co-founder of Disobedient
Media, a paper by the Forensicator that split the DNC case open like a
coconut.

By this time Binney and the other technical-side people at VIPS had
begun working with a man named Skip Folden. Folden was an IT executive
at IBM for 33 years, serving 25 years as the IT program manager in the
United States. He has also consulted for Pentagon officials, the FBI,
and the Justice Department. Folden is effectively the VIPS group’s
liaison to Forensicator, Adam Carter, and other investigators, but
neither Folden nor anyone else knows the identity of either Forensicator
or Adam Carter. This bears brief explanation.

The Forensicator’s July 9 document indicates he lives in the Pacific
Time Zone, which puts him on the West Coast. His notes describing his
investigative procedures support this. But little else is known of him.
Adam Carter, in turn, is located in England, but the name is a coy
pseudonym: It derives from a character in a BBC espionage series called Spooks.
It is protocol in this community, Elizabeth Vos told me in a telephone
conversation this week, to respect this degree of anonymity.

Kirk Wiebe, the former SIGINT analyst at the NSA, thinks Forensicator
could be “someone very good with the FBI,” but there is no certainty.
Unanimously, however, all the analysts and forensics investigators
interviewed for this column say Forensicator’s advanced expertise,
evident in the work he has done, is unassailable. They hold a similarly
high opinion of Adam Carter’s work.

Forensicator is working with the documents published by Guccifer 2.0,
focusing for now on the July 5 intrusion into the DNC server.

The
contents of Guccifer’s files are known — they were published last
September — and are not Forensicator’s concern. His work is with the
metadata on those files. These data did not come to him via any
clandestine means. Forensicator simply has access to them that others
did not have. It is this access that prompts Kirk Wiebe and others to
suggest that Forensicator may be someone with exceptional talent and
training inside an agency such as the FBI.

“Forensicator unlocked and then analyzed what had been the locked
files Guccifer supposedly took from the DNC server,” Skip Folden
explained in an interview. “To do this he would have to have ‘access
privilege,’ meaning a key.”

What has Forensicator proven since he turned his key? How? What has work done atop Forensicator’s findings proven? How?

The Transfer Rate

Forensicator’s first decisive findings, made public in the paper
dated July 9, concerned the volume of the supposedly hacked material and
what is called the transfer rate — the time a remote hack would
require. The metadata established several facts in this regard with
granular precision:On the evening of July 5, 2016, 1,976 megabytes of
data were downloaded from the DNC’s server.

The operation took 87
seconds. This yields a transfer rate of 22.7 megabytes per second.

These statistics are matters of record and essential to disproving
the hack theory. No Internet service provider, such as a hacker would
have had to use in mid-2016, was capable of downloading data at this
speed. Compounding this contradiction, Guccifer claimed to have run his
hack from Romania, which, for numerous reasons technically called
delivery overheads, would slow down the speed of a hack even further
from maximum achievable speeds.

What is the maximum achievable speed? Forensicator recently ran a
test download of a comparable data volume (and using a server speed not
available in 2016) 40 miles from his computer via a server 20 miles away
and came up with a speed of 11.8 megabytes per second — half what the
DNC operation would need were it a hack.Other investigators have built
on this finding. Folden and Edward Loomis say a survey published August
3, 2016,by www.speedtest.net/reports
is highly reliable and use it as their thumbnail index. It indicated
that the highest average ISP speeds of first-half 2016 were achieved by
Xfinity and Cox Communications.

These speeds averaged 15.6 megabytes per
second and 14.7 megabytes per second, respectively. Peak speeds at
higher rates were recorded intermittently but still did not reach the
required 22.7 megabytes per second.

“Transfer rates of 23 MB/s
(Mega Bytes per second) are not just highly unlikely, but effectively
impossible to accomplish when communicating over the Internet at any
significant distance,” he wrote. “Further, local copy speeds are
measured, demonstrating that 23 MB/s is a typical transfer rate when
using a USB–2 flash device (thumb drive).”

In theory the operation could have been conducted from Bangor or
Miami or anywhere in between — but not Russia, Romania, or anywhere else
outside the EDT zone. Combined with Forensicator’s findings on the
transfer rate, the time stamps constitute more evidence that the
download was conducted locally, since delivery overheads — conversion of
data into packets, addressing, sequencing times, error checks, and the
like — degrade all data transfers conducted via the Internet, more or
less according to the distance involved.

Russian ‘Fingerprints’

In addition, there is the adulteration of the documents Guccifer 2.0
posted on June 15, when he made his first appearance. This came to light
when researchers penetrated what Folden calls Guccifer’s top layer of
metadata and analyzed what was in the layers beneath.

To be noted in this connection: The list of the CIA’s cyber-tools
WikiLeaks began to release in March and labeled Vault 7 includes one
called Marble that is capable of obfuscating the origin of documents in
false-flag operations and leaving markings that point to whatever the
CIA wants to point to. (The tool can also “de-obfuscate” what it has
obfuscated.) It is not known whether this tool was deployed in the
Guccifer case, but it is there for such a use.

It is not yet clear whether documents now shown to have been leaked
locally on July 5 were tainted to suggest Russian hacking in the same
way the June 15 Guccifer release was. This is among several outstanding
questions awaiting answers, and the forensic scientists active on the
DNC case are now investigating it.

In a note Adam Carter sent to Folden and McGovern last week and
copied to me, he reconfirmed the corruption of the June 15 documents,
while indicating that his initial work on the July 5 documents--of
which much more is to be done--had not yet turned up evidence of
doctoring.

By any balanced reckoning, the official case purporting to assign a
systematic hacking effort to Russia, the events of mid-June and July 5
last year being the foundation of this case, is shabby to the point
taxpayers should ask for their money back. The Intelligence Community
Assessment, the supposedly definitive report featuring the “high
confidence” dodge, was greeted as farcically flimsy when issued January
6.Ray McGovern calls it a disgrace to the intelligence profession.It
is spotlessly free of evidence, front to back, pertaining to any events
in which Russia is implicated.

Behind the ICA lie other indefensible realities. The FBI has never
examined the DNC’s computer servers--an omission that is beyond
preposterous. It has instead relied on the reports produced by
Crowdstrike, a firm that drips with conflicting interests well beyond
the fact that it is in the DNC’s employ. Dmitri Alperovitch, its
co-founder and chief technology officer, is on the record as vigorously
anti-Russian. He is a senior fellow at the Atlantic Council, which
suffers the same prejudice. Problems such as this are many.

In effect, the new forensic evidence considered herelands in a
vacuum. We now enter a period when an official reply should be
forthcoming. What the forensic people are now producing constitutes
evidence, however one may view it, and it is the first scientifically
derived evidence we have into any of the events in which Russia has been
implicated. The investigators deserve a response, the betrayed
professionals who formed VIPS as the WMD scandal unfolded in 2003
deserve it, and so do the rest of us.

I concluded each of the interviews conducted for this column by
asking for a degree of confidence in the new findings. These are
careful, exacting people as a matter of professional training and
standards, and I got careful, exacting replies.

All those interviewed came in between 90 percent and 100 percent
certain that the forensics prove out. I have already quoted Skip
Folden’s answer: impossible based on the data.

“It’s QED, theorem demonstrated,” William Binney said in response to
my question. “There’s no evidence out there to get me to change my
mind.” When I asked Edward Loomis, a 90 percent man, about the 10
percent he held out, he replied, “I’ve looked at the work and it shows
there was no Russian hack. But I didn’t do the work. That’s the 10
percent. I’m a scientist.”

Editor’s note: In its chronology, VIPS mistakenly gave the wrong date
for CrowdStrike’s announcement of its claim to have found malware on
DNC servers. It said June 15, when it should have said June 14. VIPS has
acknowledged the error, and we have made the correction."

Hello. I will comment on only one question raised here. It has to do w/
anonymity, a matter I looked into carefully and repeatedly during the
reporting. As noted in what I wrote, anonymity in this field is
respected as common practice.

Last night I had a note from Adam Carter in which he addressed this
question of identity. (I didn't solicit his remarks on the topic.)

He
wrote in part:"Please know that both Forensicator and myself only choose to remain
behind pseudonyms for security. (Understanding Guccifer 2.0's purpose
makes it clear to us that whoever it is, they are connected to
influential and wealthy politicians that are not likely to be happy
about this being exposed and the prospect of it being who we think it is
does not make us feel any safer.)"
Adam Carter went on to note he and colleagues are aware of the inconvenience their decisions to remain anonymous imposes.I see nothing peculiar in this judgment. I ought to add that some of
my intelligence sources warned me as we finished our work together to
be careful driving, esp at night and esp on the country roads I traverse
to get home. This is not funny business, I was firmly advised. I'm not
in a position to judge these kinds of things directly, but they are,
and so I take their word for it.

Other contributors to The Nation have spread untruths and whipped up
anti-Russian hysteria among readers. “Russiagate” has all the hallmarks
of a modern inquisition driven by powerful and secret agendas,
political expediency, corporate media profits and malfeasance, fear and
paranoia. At this extraordinarily dangerous moment The Nation must
decide where it will stand."....................

My comment: Mr. Lawrence is correct, this is deadly serious business, ie, "This is not funny business." For example, using the excuse of "RussiaGate," the US government has been overthrown by its political class in nearly unanimous votes in the House and Senate. It took only one vote on one issue: should the US exact a series of punishments for so-called "Russian interference" in the Nov. 2016 presidential
election (though no evidence has been provided of such a thing)? Their nearly unanimous agreement effectively nullifies the Nov. 2016 election and the votes of close to 63 million Americans. That's not all that happened. Americans are now de facto slaves. We're forced to pay for all the wars and fake elections like they have in Communist countries, but they'll eagerly nullify our vote if they don't like it. Who's going to stop them? This is one of the unfunny things that happen when you become a slave.